How much can you trust Django apps?

A

Artur Zenkov2015-10-14 01:20:42

Django

Artur Zenkov, 2015-10-14 01:20:42

How normal is it to install many (a dozen) applications for a resource?
They certainly save a lot of time but also increase the number of points of failure.
Do I need to carefully study the source code for any intentional vulnerabilities or to avoid sudden surprises in the work?
Is there a compatibility issue?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

F

Foo Bar, 2015-10-14
@atomheart

"Trust but check". And of course it depends on the tasks:
If you need to quickly assemble a working prototype, then applications are a good option.
If the project is with a long-term perspective and constant development, then everything that can be replaced / rewritten, it seems to me, should be replaced with your own code in order to better know what works and how and not depend on third-party development.
Only without fanaticism. There are good and well-maintained applications that will cost a lot of labor and money to develop on their own, so it doesn't make much sense.
To check the solution, there are various kinds of audit offices, services and standards that will check both for security and for load if necessary.

U

un1t, 2015-10-14
@un1t

Your code that you write instead of another application, doesn't it increase the number of points of failure?
The recipes are
1) you look at the number of stars the project has on github
2) you read the source code
For some applications, the 1st point is enough, for some the 2nd is required, it depends on the scale and requirements of your project and the criticality of a particular application for it.